OAuth/examples
< OAuth(Redirected from OAuth examples)
Jump to navigation
Jump to search
 | Please note the Future deprecation of HTTP Basic Auth and OAuth 1.0a announcement: https://www.openstreetmap.org/user/pnorman/diary/401157 |
The following OAuth examples will help developers create new OpenStreetMap OAuth client software. The links give code snippets or fully working tools (with source code) in several programming languages. For more information see the general page on OAuth.
JavaScript
- iD editor uses it.
- github.com/osmlab/osm-auth is the auth logic of iD ripped out to be re-usable.
Python
- Python Social Auth Library, OAuth2 OpenStreetMap backend
- OSM Tasking Manager – Web app which reads preferences via OAuth for identity
- hotosm/tasking-manager/blob/develop/backend/services/users/authentication_service.py#L56 GitHub Authentification code
- hotosm/tasking-manager/blob/develop/backend/services/users/osm_service.py#L16 GitHub API code
Example using authlib
# using requests implementation
from authlib.integrations.requests_client import OAuth2Session
# using httpx implementation (async)
#from authlib.integrations.httpx_client import AsyncOAuth2Client
client_id = 'YOUR_CLIENT_ID'
client_secret = 'YOUR_CLIENT_SECRET'
user_agent = 'YourAppName/0.1'
# api scopes (see https://wiki.openstreetmap.org/wiki/OAuth)
scope = 'read_prefs write_api'
# URI to redirect to after successful authorization
redirect_uri = 'https://example.com/callback'
client = OAuth2Session(
client_id,
client_secret,
scope=scope,
redirect_uri=redirect_uri,
headers={'User-Agent': user_agent})
# generate authorization URL and state (save it for later)
uri, state = client.create_authorization_url('https://www.openstreetmap.org/oauth2/authorize')
# redirect the user to the authorization URL and wait for callback
print(uri)
# ...
# ...
# after authorization, capture the full callback URL
# replace `request.url` with the actual URL you received
callback_url = str(request.url)
# fetch the OAuth2 token using the state and callback URL
client.token = client.fetch_token(
'https://www.openstreetmap.org/oauth2/token',
state=state,
authorization_response=callback_url)
# make authenticated API request
r = client.get('https://api.openstreetmap.org/api/0.6/user/details.json')
r.raise_for_status()
print(r.json())
PHP
R
Example for OAuth2 with httr2
obfuscated_secret <- httr2::obfuscate("OAuth-secret0123456789") # raw secret
client <- httr2::oauth_client(
id = "OAuth-id0123456789"),
token_url = "https://www.openstreetmap.org/oauth2/token",
secret = httr2::obfuscated(obfuscated_secret), # save the obfuscated secret string in the code here instead of the raw secret above
auth = "header"
)
token <- httr2::oauth_flow_auth_code(
client = client,
auth_url = "https://www.openstreetmap.org/oauth2/authorize",
scope = paste(c("read_prefs", "write_prefs", "write_api", "read_gpx", "write_gpx", "write_notes"), collapse = " "),
pkce = TRUE,
redirect_uri = "http://127.0.0.1"
)